Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
VideoLAN VLC media player 缓冲区错误漏洞
Vulnerability Description
VideoLAN VLC media player是法国VideoLAN组织的一款免费、开源的跨平台多媒体播放器(也是一个多媒体框架)。该产品支持播放多种介质(文件、光盘等)、多种音视频格式(WMV,MP3等)等。 VideoLAN VLC media player 3.0.4版本中的modules/demux/caf.c文件的CAF demuxer存在缓冲区错误漏洞,该漏洞源于‘ReadKukiChunk()’函数将返回值强制转换为无符号的整型,即便该返回值为负。攻击者可利用该漏洞造成拒绝服务和信息泄露
CVSS Information
N/A
Vulnerability Type
N/A